How can the security experience and process be made simpler for end-users?
Think of it this way, you wouldn't get into a car without a seatbelt. It’s second nature for most of us, and easy to do. In the 1970s when seatbelt laws were first passed, fatalities with car crashes went down. If we all had MFA and good cybersecurity hygiene, the bad stories about data breaches could be avoided or reduced too. We need a “cyber safety belt” – something that’s simple doesn’t get in the way, and become second nature.
There are two extremes with security. On one end, you can unplug everything from the internet, while constantly requiring physical and digital verification. That’s maximum security, but it’s also maximum inconvenience. On the other side, you can create a totally frictionless user experience, but leave your employees and systems completely exposed to malicious actors.
Security is all about balance. The goal with cybersecurity has to be a balance between becoming more secure while reducing time and cost burdens on IT and minimizing friction for end-users. A solution that can address that balance embodies the “cyber safety belt.”
For a while, access technologies were all about adding additional layers, barriers, and friction into the user’s path in the hopes of deterring a bad guy. But it’s not that simple – this is a huge burden to the end-user and ultimately IT who has to step in for every forgotten password.
Putting MFA on every single access request is tiresome. But it isn’t about fewer MFA requests or tougher passwords. Adaptability and intelligence are the answer. Adding a layer of intelligence into any identity and access solution can remove the friction. Next-Gen Access solutions use analytics powered by machine learning to intelligently determine the authenticity of a digital user and their device through SSO or MFA, while also actively governing access across an organization’s resources and reacting when risky behavior is detected.
We are firm believers that in security – especially identity and access – complexity introduces risk. The goal for us is effective security without performance gaps and difficult integrations and maintenance.
This post originally appeared in a Quora Q&A session hosted in May 2019. Our CEO Danny Kibel was asked to give his opinion on the state of cybersecurity, Zero Trust, working in the security field and entrepreneurship, among other things. For more of his answers visit Quora.
Danny Kibel
Danny Kibel is Chief Executive Officer at Idaptive, leading the overall strategy and vision for this newcomer to the identity and access management market. Under Danny’s direction, Idaptive is establishing its Next-Gen Access Cloud platform as the cornerstone of the Zero Trust approach to security, securing access for everyone, everywhere and on every device.
Prior to taking the helm at Idaptive, Danny was Vice President of Engineering & Operations at Centrify, where he led the development and delivery of the company’s cloud identity and mobility products.
With more than 20 years of experience designing, developing and delivering software, Danny has combined his deep technical background and strong business perspective to help create and deliver innovative products and solutions for enterprise software companies worldwide. Prior to his leadership roles at Idaptive and Centrify, he was a senior director at ServiceNow, leading several teams that automated and managed application releases in cloud environments. Before that, Danny was a senior software manager at Cisco for nearly eight years. Earlier in his career, he led the delivery and solutions team for a startup company that was later acquired by Cisco.
Danny graduated from the Hebrew University of Jerusalem with a degree in computer science and later earned an MBA in marketing and technology management from Tel Aviv University.
CHAMELEON-LIKE SUPERPOWER
If Danny could have any chameleon-like superpower, it would be the chameleon's 360-degree vision. In the wild, the chameleon is faced with opportunities (a yummy grasshopper hanging about), as well as dangers (a snake lurking nearby, or a hawk flying up above), so having 360- degree vision helps the chameleon evolve while protecting it from predators. “Similarly, to run a successful business, one needs to have a wide perspective of the market, technology, opportunities and challenges.”